[_0w8t]

It greatly helps Apple that T2 is a separated chip specially designed to do one function well, that is to do crypto in a secure way even in presence of physical attacks. How to do that has been known for quite some time. For example, modern SIM cards or cards for satellite tv are very secure and a physical attack is possible if one is willing to spend like over 100K per card.

What Intel is trying to do is to allow a general purpose secure computing with minimal extra cost. This is relatively new and as various bugs demonstrates may not even archivable. I.e. it may be possible to create provably secure chip, but its cost will make it a niche product.

[baybal2]

> physical attack is possible if one is willing to spend like over 100K per card.

Firmware recovery from "hardened" microcontrollers costs $15-25k here, and even that's most likely a "special foreigner price"

[baby]

It’s not about firmware recovery: it’s about tampering it in a non-intrusive way OR extracting keys from its secured non volatile memory.

[baybal2]

Yes, MCU with intentionally hardened flash blocks are what those firmware recoverers specialize. They do things like gemalto chips sim and credit cards.

[baby]

the firmware should not be in internal flash though, where the keys are

[baby]

It looks to me that having a standalone chip is not great in general due to hardware attacks: you can easily MITM the system bus for example. Whereas a number of attacks become much harder once you use an integrated secure element.

The form factor of the iPhone of course almost makes the T2 secure enclave an integrated secure module. I also don’t think hardware attacks are really considered anyway (and as we see most researchers focus on software attacks)